Ransomware is a type of malware that stops users being able to access their computer. It tells the user they will have to pay a ransom to be able to regain access, although access is not guaranteed even if you do pay the ransom. A famous ransomware attack was WannaCry which affected around 200,000 computers in 150 countries. One of the largest organisations the virus hit was the NHS, affecting 81 NHS trusts meaning that appointments had to be cancelled.
Types of ransomware
There are different types of ransomware including scareware, screen lockers and encrypting ransomware;
Scareware is designed to make you think that you have malware on your computer using pop up messages. The messages appear as legitimate messages from antivirus companies that will tell you to buy some software as your files have been infected.
Screen lockers lock you out of your computer so that when you turn it on, a full-sized window appears telling you that you are locked out, often trying to look as though you are subject to a government inquiry. However, the data is not encrypted.
Encryption ransomware is the worst type of ransomware. This is where all the files on your computer are encrypted and you’ll be asked to pay a ransom to get your files back, although even if you pay there is no guarantee that you will regain access to your files.
How do I get ransomware?
There are a number of ways that ransomware can infect your computer. Social engineering is used to entice users to click on malicious links or attachments in emails. Malicious websites adverts can also be used to distribute malware without the user having to anything other than open the web page.
How to Prevent against Ransomware
1. Patch (update) software – you should always keep all software up to data as some ransomware uses vulnerabilities in outdated software. The patch to prevent WannaCry was released by Microsoft a couple of weeks before the attack. If all the computers had been patched properly, the attack would have never happened. (N-Able RMM)
2. Antivirus – antivirus software will detect and prevent malicious files on your system (N-Able EDR)
3. Firewall – A good firewall is important to prevent unauthorised access from entering your network (WatchGuard)
4. Mail filters – Mail filters can detect and block potentially dangerous emails that could contain malicious attachments or links to malicious websites (Hornet)
5. Education – educating users on how to spot malicious and phishing emails could prevent a ransomware attack and also educate how to set strong passwords (KnowBe4)
6. Backup data – backing up your data won’t prevent a ransomware attack but having backups mean that you shouldn’t lose everything in the event of an attack. You should have 3 copies of your data, the live data, onsite backup and an offsite backup. Protecting your Office 365 (N-Able)